Solution

This document provides instructions for installing Thawte SSL Web Server Certificates. If you are unable to use these instructions for your server, Thawte recommends that you contact either the vendor of your software or an organization that supports Apache-SSL.

Watch Thawtess Tutorial Videos for a more visual experience!

Note: If you are unable to view the video, please click here to go directly to the video source.

1. Download your certificate as per the instruction on the following solution: SO13187

2. To follow the naming convention for Apache, rename the certificate filename with the .crt extension. For example: public.crt

3. Copy your Certificate into the directory that you will be using to hold your certificates. In For example: /usr/local/ssl/crt/.

Step 3: Configure the Server

1. In order to use the key pair, the httpd.conf file will need to be updated.

2. In the Virtual Host section of the httpd.conf file, verify that you have the following 3 directives within this Virtual Host. Please add them if they are not present:

SSLCertificateFile /usr/local/ssl/crt/public.crt

SSLCertificateKeyFile /usr/local/ssl/private/private.key

SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt

The first directive tells Apache how to find the Certificate File, the second one where the private key is located, and the third line the location of the intermediate certificate.

If you are using a different location and certificate file names than the example above (which most likely you are) you will need to change the path and filename to reflect your server.

Note: Some instances of Apache contain both a httpd.conf and ssl.conf file. Please enter or amend the httpd.conf or the ssl.conf with the above directives. Do not enter both as there will be a conflict and Apache may not start.

1. Save your httpd.conf file and restart Apache. You can most likely do so by using the apachectl script:

apachectl stop

apachectl startssl

2. You should now be set to start using your Thawte certificate with your Apache server.

Legal

DigiCert is the world’s premier provider of high-assurance digital certificates—providing trusted SSL, private and managed PKI deployments, and device certificates for the emerging IoT market. Since our founding almost fifteen years ago, we’ve been driven by the idea of finding a better way. A better way to provide authentication on the internet. A better way to tailor solutions to our customer’s needs.